# Security Policy

## Supported Versions

| Version | Supported          |
| ------- | ------------------ |
| 2.x.x   | :white_check_mark: |
| 1.x.x   | :x:                |
| 0.17.x  | :x:                |
| < 0.17  | :x:                |

## Reporting a Vulnerability

If you have found a potential security threat, vulnerability or exploit in Quasar
or one of its upstream dependencies, please DON’T create a pull-request, DON’T
file an issue on GitHub, DON’T mention it on Discord and DON’T create a forum thread.

DO reach out to the team by sending an email to security@quasar.dev - we
will investigate and work with you to triage this issue and help you to report it
if appropriate. At the current time we do not have the financial ability to reward
bounties, but in extreme cases will at our discretion consider a reward.

## Security Audit

You can apply to book the Quasar team’s security experts to perform a Security Audit
for your project. Contact us to find out more about how to acquire, validate and publish
an official timestamped and version-locked audit badge.

security@quasar.dev

## Security Documentation

https://quasar.dev/security/
